Blog

Roundups

Nov 20, 2025

The best SAML providers for B2B SaaS in 2025

Everything you need to know about choosing a SAML provider for enterprise SSO in modern B2B platforms.

One-Time Passwords (OTPs) explained: What they are, how they work, and when to use them

Everything you need to know about OTPs, from HOTP and TOTP internals to real-world pros and cons, plus how WorkOS can help you implement them cleanly.

WorkOS partners with Entra Agent ID

WorkOS is a proud partner in the Microsoft Entra Agent ID partner ecosystem.

How to handle JWT in Go

Everything you need to know to implement and validate JWTs securely in Go: from signing to verifying with JWKS, with code examples and best practices throughout.

The developer’s guide to SAML authentication

A developer-focused walkthrough of SAML SSO for developers who want to understand all the moving parts without needing a PhD in XML sorcery.

API Keys vs M2M Applications: Differences, use cases, and how to decide

A practical guide to choosing the right machine authentication model for your SaaS product.

The developer’s guide to HTTP error codes

Understanding the intent behind 401 vs 403, 400 vs 422, and other misunderstood status codes.

The hidden costs of open source SSO: Why enterprise readiness requires more than free code

The illusion of free: How open source SSO quietly makes your team the vendor, the patch manager, and the on-call ops team.

What is Agnost AI? An MCP server analytics platform

Agnost provides analytics for MCP servers, tracking tool invocations, latency, errors, and user journeys across Claude Desktop, VS Code, and other AI clients.

Why building SCIM is hard

Why SCIM looks easy on paper but is one of the hardest integrations to build and scale in practice.

The hidden cost of password sharing and how to prevent it

Password sharing quietly eats away at seat-based revenue and introduces risk when companies tighten authentication rules. WorkOS Radar gives teams a smarter way to detect shared credentials, reduce false positives, and protect growth.

Scaling user provisioning with SCIM bulk operations and filtering

Explore how SCIM’s advanced features, bulk operations and filtering, make identity synchronization faster and more efficient for large-scale environments.

Session revocation explained: Protect your users, systems, and AI agents

Learn what session revocation is, why it’s essential for securing user and AI agent sessions, and how WorkOS makes it simple to build “Sign Out Everywhere” into your app with just a few lines of code.

October Updates

API Keys, Stripe Billing Seat Sync, AI Branding Assistant, & more

Stripe Seat Sync: A simpler way to build seat-based billing with WorkOS

WorkOS now supports automated seat-based billing with Stripe. It tracks organization members and sends seat usage to Stripe Meters so billing stays accurate without custom scripts, webhooks, or billing infrastructure.

Maria Paktiti

Nov 3, 2025

Widget Skills: WorkOS-powered UIs, generated for your stack

Pipes MCP: Session-scoped authorization for AI agents

Agent Experience: Build without leaving your terminal

The best SAML providers for B2B SaaS in 2025

One-Time Passwords (OTPs) explained: What they are, how they work, and when to use them

WorkOS partners with Entra Agent ID

How to handle JWT in Go

The developer’s guide to SAML authentication

API Keys vs M2M Applications: Differences, use cases, and how to decide

The developer’s guide to HTTP error codes

The hidden costs of open source SSO: Why enterprise readiness requires more than free code

What is Agnost AI? An MCP server analytics platform

Why building SCIM is hard

The hidden cost of password sharing and how to prevent it

Scaling user provisioning with SCIM bulk operations and filtering

Session revocation explained: Protect your users, systems, and AI agents

October Updates

Stripe Seat Sync: A simpler way to build seat-based billing with WorkOS

No results found